Adapt for use with whiteboard OSGi specs

diff --git a/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java b/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java
index cbbc04fc998cdc783cb5a19e8fee777df95e0285..eb9b435682e1fd869535c0485adf765401026a45 100644 (file)
--- a/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java
+++ b/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServlet.java
@@ -306,4 +306,8 @@ public class RunnerServlet extends HttpServlet {
 
        }
 
+       protected ExecutorService getExecutor() {
+               return executor;
+       }
+
 }

diff --git a/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServletContextHelper.java b/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServletContextHelper.java
new file mode 100644 (file)
index 0000000..c216d6d
--- /dev/null
+++ b/org.argeo.slc.core/src/org/argeo/slc/core/execution/http/RunnerServletContextHelper.java
@@ -0,0 +1,56 @@
+package org.argeo.slc.core.execution.http;
+
+import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.node.NodeConstants;
+import org.osgi.service.http.context.ServletContextHelper;
+
+public class RunnerServletContextHelper extends ServletContextHelper {
+       final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
+       private final String httpAuthRealm = "Runner";
+
+       @Override
+       public boolean handleSecurity(final HttpServletRequest request, HttpServletResponse response) throws IOException {
+               LoginContext lc;
+               try {
+                       lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, new HttpRequestCallbackHandler(request, response));
+                       lc.login();
+               } catch (LoginException e) {
+                       lc = processUnauthorized(request, response);
+                       if (lc == null)
+                               return false;
+               }
+               Subject.doAs(lc.getSubject(), new PrivilegedAction<Void>() {
+
+                       @Override
+                       public Void run() {
+                               request.setAttribute(REMOTE_USER, AccessController.getContext());
+                               return null;
+                       }
+
+               });
+
+               return true;
+       }
+
+       protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
+               askForWwwAuth(request, response);
+               return null;
+       }
+
+       protected void askForWwwAuth(HttpServletRequest request, HttpServletResponse response) {
+               response.setStatus(401);
+               response.setHeader(HEADER_WWW_AUTHENTICATE, "Basic realm=\"" + httpAuthRealm + "\"");
+
+       }
+
+}